
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313>14S0 
www.uspto.gov 



APPLICATION NO. 


FILING DATE | 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. | 


CONFIRMATION NO. 


10/825,187 


04/15/2004 


Steven A. Bade 


AUS920040034US1 


7646 



Duke W. Yee 

Carstens, Yee & Cahoon, LLP 
P.O. Box 802334 
Dallas, TX 75380 



EXAMINER 



GELAGAY, SHEWAYE 



ART UNIT 



2137 



PAPER NUMBER 



MAIL DATE 



DELIVERY MODE 



05/15/2007 PAPER 

Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



Office Action Summary 


Application No. 

10/825.187 


Applicant(s) 

BADE ET AL. 


CXalTliricr 

Shewaye Gelagay 


Art Unit 
2137 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 
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2a)n This action is FINAL. 2b)ISI This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) |EI Claim(s) 1-20 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10) 0 The drawing(s) filed on is/are: a)\3 accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) S Notice of References Cited (PTO-892) 

2) n Notice of Draflsperson's Patent Drawing Review (PTO-948) 

3) K Information Disclosure Statement(s) (PTO/SB/08) 

Paper No(s)/Mail Date 4/15/04 . 



4) d Inten/iew Summary (PTO-413) 

Paper No(s)/Mall Date. . 

5) CH Notice of Informal Patent Application 

6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 08-06) 



Office Action Summary 



Part of Paper No./Mail Date 20070508 



Application/Control Number: 10/825,187 



Art Unit: 2137 



Page 2 



DETAILED ACTION 

1 . Claims 1 -1 9 have been examined. 

Claim Rejections - 35 USC §112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 7 provides for the use of "a second value", but, since the claim does not 
set forth any steps involved in the method/process, it is unclear what method/process 
applicant is intending to encompass. A claim is indefinite where it merely recites a use 
without any active, positive steps delimiting how this use is actually practiced. 

Claim 7 is rejected under 35 U.S.C. 101 because the claimed recitation of a use, 
without setting forth any steps involved in the process, results in an improper definition 
of a process, i.e., results in a claim which is not a proper process claim under 35 
U.S.C. 1 01 . See for example Ex parte Dunki, 1 53 USPQ 678 (Bd.App. 1 967) and 
Clinical Products, Ltd. v. Brenner, 255 F. Supp. 131, 149 USPQ 475 (D.D.C. 1966). 

4. Claims 8-9 are also rejected for being dependent on a rejected claim. 



Claim Rejections - 35 USC § 101 
5. 35 U.S.C. 101 reads as follows: 
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Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

6. Claims 7-9 are rejected under 35 U.S.C. 101 because the claimed invention 
lacks patentable utility. Claims 7-9 are directed to method of verifying a source of a log 
file, the claimed subject matter relates only to calculating and comparing a hash value of 

a log file it fails to produce a useful, concrete and tangible result. 

I. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Schneier et al. (hereinafter Schneier) US Patent Number 5,978,475 in view of Grawrock 
et al. (hereinafter Grawrock) US Patent Number 7,058,807. 

As per claims 1 , 7 and 1 0: 

Schneier teaches a method of logging audit events in a data processing system, 
the method comprising the computer implemented steps of: 

writing a sequence of audit records including a final audit record to a first log file 
stored by a data processing system; (figure 3, col. 7, lines 1-25) 

calculating a respective first hash value of each audit record; (figure 3) 
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responsive to calculating each respective first hash value, calculating a 
corresponding second hash value from the first hash value (col. 10, lines 16-35) 
writing the second hash value to the register; (col. 10, lines 16-35) 
responsive to closing the first log file, opening a second log file; (col. 7, lines 1- 
18) and 

writing, to a first record of the second log file, a final second hash value 
corresponding to a first hash value of the final audit record, (col. 10, line 64-col. 1 1 , line 
54) 

Schneier does not explicitly disclose calculating a corresponding second hash 
value from a value of a register associated with the data processing system and writing 
the second hash value to the register. Grawrock in analogous art, however, discloses 
calculating a corresponding second hash value from a value of a register associated 
with the data processing system and writing the second hash value to the register, (col. 
5, line 46-col. 6, line 16) Therefore it would have been obvious to one ordinary skill in 
the art to modify the method disclosed by Schneier with Grawrock in order to have a 
trusted platform module that provides an increased confidence and that enables 
enhancement of auditing and logging (col. 1 , lines 25-31 ; Grawrock) 
As per claims 2, 8, 12-13 and 17: 

The combination of Schneier and Grawrock teaches all the subject matter as 
discussed above. In addition, Schneier further teaches a method comprising: generating 
a cryptographically signed value of the final second hash value; and writing the signed 
value to the first record of the second log file. (col. 10, line 64-col. 11, line 54) 
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As per claims 3 and 19: 

Tlie combination of Sclineier and Grawrock teaches all the subject matter as 
discussed above. In addition, Schneier further teaches a method wherein the signed 
value is generated using an identity of a trusted platform module of the data processing 
system, (col. 9, line 34-col. 10, line 25) 
As per claims 4 and 14: 

The combination of Schneier and Grawrock teaches all the subject matter as discussed 
above. In addition, Schneier further teaches a method wherein each respective first 
hash value and corresponding second hash value are calculated from a US secure 
hashing algorithm-1, (col. 9, line 3-15) 
As per claims 5, 11, 15 and 20: 

The combination of Schneier and Grawrock teaches all the subject matter as 
discussed above. In addition, Schneier further teaches a method wherein writing the 
second hash value further comprises: performing an extend function, wherein the first 
hash value is included as an operand of an extend function call. (col. 10, lines 16-35) 
Grawrock further discloses the register is a platform configuration register, (col. 5, line 
46-col. 6, line 16) 
As per claims 6, 9 and 18: 

The combination of Schneier and Grawrock teaches all the subject matter as 
discussed above. In addition, Grawrock further teaches a method wherein calculating a 
corresponding second hash further comprises: concatenating the register value with the 
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first hash value; and calculating the second hash value from a result of concatenating 
the register value with the first hash value, (col. 5, line 46-col. 6, line 16) 
As per claim 16: 

Schneier teaches a data processing system for recording audit events, 
comprising: 

a memory that contains a first audit log file and an auditing application as a set of 
instructions; (col. 6, lines 12-40) 

a trusted platform module having a platform configuration register; (col. 6, lines 
12-40) and 

a processing unit, responsive to execution of the set of instructions, for 
calculating a hash value of an audit record written to the first audit log file, wherein the 
processing unit, responsive to closing the first log file, identifies a final value of the 
platform configuration register and writes the final value to a second audit log file. (coL 
10, line 64-col. 11, line 54; col. 12, line 9-col. 13, line 10 ) 

Schneier does not explicitly disclose a method that extends a value of the 
platform configuration register with the hash value. Grawrock in analogous art, however, 
discloses a method that extends a value of the platform configuration register with the 
hash value, (col. 5, line 46-col. 6, line 16) Therefore it would have been obvious to one 
ordinary skill in the art to modify the method disclosed by Schneier with Grawrock in 
order to have a trusted platform module that provides an increased confidence and that 
enables enhancement of auditing and logging (col. 1, lines 25-31; Grawrock) 
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Any inquiry concerning tfiis communication or earlier communications from the 
examiner should be directed to Shewaye Gelagay whose telephone number is 571-272- 
4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more infomriation about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (BBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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